aanarchyy / wifite-mod-pixiewps
License: GNU General Public License v3.0
use
"macchanger -A wlan1" instead plz
-A argument uses known random manufacturer.
-r total made up mac address
[+] scanning for wireless devices...
phy0
[+] enabling monitor mode on phy0... done
phy0
[+] enabling monitor mode on phy0... done
phy0
[+] enabling monitor mode on phy0... done
endless
any fix ???
[0:00:00] initializing PixieWPS attack on FULTON EXP000000000 (00000000:28:50)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] PIN found: 36799084
[+] Handing pin to reaver
[0:00:00] initializing WPS PIN attack on FULTON EXP000000000 (00000000:28:50)
[0:00:14] WPS attack, 0/2 success/ttl,
[+] PIN found: 36799084
[+] WPA key found: 0000000000
[0:00:00] initializing PixieWPS attack on ai00000 (0000000:24:65)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on NETG00000(0000000:1C:A5)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on TP-LINK_300000 (0000000:68:60)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on METR000000 (00000000:1B:C1)
^C
(^C) Pixiewps attack interrupted
[+] 5 targets remain
[+] what do you want to do?
[c]ontinue attacking targets
[e]xit completely
[+] please make a selection (c, or e): c
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on LUZ DES000000000 (00000000:C8:30)
[+] E-Nonce found
[+] PKE hash found
^C
(^C) Pixiewps attack interrupted
[+] 4 targets remain
[+] what do you want to do?
[c]ontinue attacking targets
[e]xit completely
[+] please make a selection (c, or e): e
Traceback (most recent call last):
File "./wifitemod", line 3164, in <module>
main()
File "./wifitemod", line 325, in main
need_handshake = not wps_attack(iface, t)
File "./wifitemod", line 2939, in wps_attack
send_interrupt(proc)
UnboundLocalError: local variable 'proc' referenced before assignment
I have wifite installed in my /usr/bin folder, and any time I update with "wifite -update" the one in /usr/bin is deleted, and the new one is placed in my home folder. I'm not sure if this is supposed to happen or not.
Keep up the good work!
Is there any way to configure wifite to use force -f on pixie wps attack?
The issue is that some networks pixie-wps cannot crack them if the -f option is not active.
An automated script in wifite could be useful.
Something like this:
If pixie-wps is unable to get the pin in normal cracking mode, then test the "Brute force" option,
and then if brute force fails, start the handshake capture like it usually does.
Thanks for the changes in wifite.
from https://github.com/brianpow/wifite
[0:00:43] scanning wireless networks. 33 targets and 6 clients found.
[!] [0:00:23] deauthing hidden access point (00:00:00:00:02:30) with no client
[!] [0:00:23] deauthing hidden access point (00:00:00:00:02:30) with no client
[!] [0:00:23] deauthing hidden access point (00:00:00:00:02:33) with no client
[!] [0:00:23] successfully decloaked "ks000000" (00:00:00:00:46:91)
[!] [0:00:23] deauthing hidden access point (00:00:00:00:A8:10) with client (00:00:00:00:95:C5)
[!] [0:00:23] deauthing hidden access point (00:00:00:00:81:49) with client (00:00:00:00:32:9E)
This is awesome, haven't run across any scripts that do this... picked up several routers trying to "hide".
Not saying COPY. Just bringing your attention, get your thoughts
[0:30:16] Waiting
On all targets it just says waiting. Am I doing something wrong? I just used
./wifite-ng --wps
All APs show 'No' when listing even if they are WPS enabled, therefore wifite will not use pixiewps or reaver to crack them.
So I am not sure what is going on here, but on Kali Nethunter wifite-ng fails to crack WPS using pixiewps, but when the same attack is attempted by the version of wifite Kali Nethunter ships with, the attack succeeds. wifite-ng gets up to the point where it passes the hashes, authkey and nonce to pixiewps, then returns the "pixiewps attack failed" error message. The info on the access point I tested this on is below:
Manufacturer: Realtek Semiconductor Corp.
Model Number: EV-2010-09-20
In r104 only:
mac address anonymizing enabled
I liked the spoofed mac being displayed like previous versions. Why change? Your choice of course.
Latest Reaver-mod-t6x works fine manually but not with latest wifite-mod script. Parsing problem maybe? It just keeps going and going with no AP parameters being pulled to use with pixiewps.
Hi,
Great tool . I have used it plenty of times on Kali 1.0
But on Kali 2.0 it just says
enabling monitor mode on phy1
enabling monitor mode on phy1
enabling monitor mode on phy1
any ideas?
Thank you !
Running wifite with "-mac" parameter raise error:
[+] scanning for wireless devices...
phy1
Traceback (most recent call last):
File "/usr/bin/wifite-ng", line 3296, in <module>
main()
File "/usr/bin/wifite-ng", line 265, in main
iface = get_iface()
File "/usr/bin/wifite-ng", line 1041, in get_iface
mac_anonymize(monitor)
File "/usr/bin/wifite-ng", line 1653, in mac_anonymize
ORIGINAL_IFACE_MAC = (iface, old_mac)
UnboundLocalError: local variable 'old_mac' referenced before assignment
When cracked.txt is opened in leafpad it's all machine language. It's definitely not ASCII.
but if read with GVim, I can read it.
The pre-release version of pixiewps 1.1 doesn't play nice with wifite. And pixiewps 1.1 is due out any day.
The script should check versions of programs it uses to at least warn user.
Reaver
pixiewps
etc
Wifite failed because pixie failed a known vulnerable chipset. Emailed output. The router was indeed vulnerable
[0:00:00] initializing PixieWPS attack on DG1670000 (00000000:27:80)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] PIN found: 76796517
[0:00:00] initializing PixieWPS attack on Wiley0000 (00000000:D7:40)
[!] unable to complete in 75 seconds
[+] skipping pixiewps on WileyRiley
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on DVW320000 (00000000:3E:6B)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on atlantis2010000 (00000000:6D:15)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on 407009EA0000 (00000000:20:20)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] PIN found: 35403876
[0:00:00] initializing PixieWPS attack on DVW3200000 (00000000:A9:5E)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on DG1670000 (00000000:1E:90)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
^C
(^C) Pixiewps attack interrupted
[+] 17 targets remain
[+] what do you want to do?
[c]ontinue attacking targets
[e]xit completely
[+] please make a selection (c, or e): e
Traceback (most recent call last):
File "./wifitemod", line 3148, in <module>
main()
File "./wifitemod", line 324, in main
need_handshake = not wps_attack(iface, t)
File "./wifitemod", line 2930, in wps_attack
send_interrupt(proc)
UnboundLocalError: local variable 'proc' referenced before assignment
root@*****:~/wifite-mod-pixiewps-master#
[0:00:00] initializing PixieWPS attack on DVW320000 (000000:3E:6B)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
False
[0:08:20] starting wpa handshake capture on "DVW320000"
[0:08:13] listening for handshake...
(^C) WPA handshake capture interrupted
[+] 47 targets remain
[+] what do you want to do?
[c]ontinue attacking targets
[e]xit completely
[+] please make a selection (c, or e): c
[0:00:00] initializing PixieWPS attack on b0c55400000 (000000:A7:86)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
False
[0:08:20] starting wpa handshake capture on "b0c554000000"
[0:07:35] listening for handshake...
(^C) WPA handshake capture interrupted
[+] 46 targets remain
[+] what do you want to do?
[c]ontinue attacking targets
[e]xit completely
[+] please make a selection (c, or e): c
[0:00:00] initializing PixieWPS attack on Tupp0000 (0000000:07:00)
[!] unable to complete in 70 seconds
[+] skipping pixiewps on Tuppy Glossop
[+] Pixiewps attack failed!
False
[0:08:20] starting wpa handshake capture on "Tuppy Glo00000"
Traceback (most recent call last):...
File "./wifitemod", line 3164, in <module>
main()
File "./wifitemod", line 333, in main
if wpa_get_handshake(iface, t, ts_clients):
File "./wifitemod", line 1931, in wpa_get_handshake
if has_handshake(target, temp + 'wpa-01.cap.temp'):
File "./wifitemod", line 2152, in has_handshake
valid_handshake = has_handshake_tshark(target, capfile)
File "./wifitemod", line 2054, in has_handshake_tshark
msg = fields[9][0] # The message number (1, 2, 3, or 4)
IndexError: list index out of range
ADD keys
First of all. THanks for this amazing tool
It works fantastic but when I am trying to update it.
I get this error
[+] downloading update...
Archive: /tmp/wifiteuHvqaP/wifite-mod-pixiewps-master.zip
c152b715cc7478c71ab1d33dfc68d05fbdc9677c
creating: /tmp/wifiteuHvqaP/wifite-mod-pixiewps-master/
inflating: /tmp/wifiteuHvqaP/wifite-mod-pixiewps-master/LICENSE
inflating: /tmp/wifiteuHvqaP/wifite-mod-pixiewps-master/README.md
inflating: /tmp/wifiteuHvqaP/wifite-mod-pixiewps-master/wifite-ng
rm: cannot remove `update_wifite.sh': Text file busy
[+] Updated
[+] quitting
-2, --two Show scanning result in two columns.
from the brianpow/wifite fork.
use a netbook on the road, has a smaller screen.
Just another possible todo, but at least the code is already written for this one.
NUM ESSID CH ENCR POWER WPS? CLIENT
1 \x00\x00\x00\x0000 6 WPA2 63db wps
2 b0c554a10000 1 WPA2 54db wps client
3 We hear you wa0000 6 WPA2 53db wps
4 DG1670000 11 WPA2 52db wps
5 DVW3200000 1 WPA2 51db wps
6 Wiley0000 10 WPA2 50db wps
7 Tuppy Glo0000 6 WPA2 50db Locked
8 133 K0000 6 WPA2 49db wps
9 TG1670000 11 WPA2 48db wps
10 atlantis2010000 10 WPA2 46db wps
11 ZOOM 6 WPA2 45db wps
12 DVW3200000 1 WPA2 44db wps
13 906EBBB60000 1 WPA2 44db wps
14 \x00\x00\0000 6 WPA2 44db wps
15 TommyAn0000 6 WPA2 44db wps
16 133 K0000 6 WPA2 44db Locked
17 DG1670000 11 WPA2 43db wps
18 DG1670000 1 WPA2 43db Locked
19 Pand0000 11 WPA2 42db wps
20 ShinySp0000 1 WPA2 42db wps
21 Kirin0000 1 WPA2 42db wps
22 Ony0000 1 WPA2 41db wps
23 TG1670000 1 WPA2 40db wps
24 DG1670000 1 WPA2 38db Locked
25 McP0000 6 WPA2 38db wps
26 PS0000 1 WPA2 38db wps
27 DDW360000 3 WPA 37db wps
28 TG1670000 6 WPA2 37db wps
29 NETGE0000 11 WPA2 37db wps
30 linda'0000 11 WPA2 37db wps
[+] select target numbers (1-30) separated by commas, or 'all': all
[+] 30 targets selected.
[0:00:00] initializing PixieWPS attack on \x00\x00\x00\x000000 (0000:79:0F)
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x0000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x0000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\0000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[!] unable to complete successful try in 90 seconds
[+] skipping pixiewps on \x00\x00\x00\x00000
[0:00:00] initializing PixieWPS attack on LUZ DESIG000000 (000000:C8:30)
[!] unable to complete in 70 seconds
[+] skipping pixiewps on LUZ DESI000000
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on NETGEAR17 (0000000:1C:A5)
[+] E-Nonce found
[+] PKE hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on FULTO000000 (0000000:28:50)
[+] E-Nonce found
[+] PKE hash found
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on SprintGa000000 (0000000:82:F6)
^C
(^C) Pixiewps attack interrupted
[+] 2 targets remain
[+] what do you want to do?
[c]ontinue attacking targets
[e]xit completely
[+] please make a selection (c, or e): e
Traceback (most recent call last):
File "./wifitemod", line 3164, in <module>
main()
File "./wifitemod", line 325, in main
need_handshake = not wps_attack(iface, t)
File "./wifitemod", line 2939, in wps_attack
send_interrupt(proc)
UnboundLocalError: local variable 'proc' referenced before assignment
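The `UnboundLocalError` tracebacks in the reports above (`proc` in `wps_attack`, `old_mac` in `mac_anonymize`) are the same class of bug: a code path reaches a use of the local before any assignment to it has run. The following is an added illustration, not wifite's code, of the failing shape beside a hardened one. `run_helper`, `run_helper_buggy`, `stop_child` and the sleeping child process are hypothetical stand-ins, and a POSIX system is assumed.

```python
import signal
import subprocess
import sys


def child_cmd(seconds):
    """Constructed stand-in for an external helper: a child that just sleeps."""
    return [sys.executable, "-c", "import time; time.sleep(%d)" % seconds]


def stop_child(proc):
    """Interrupt a child if one was started and is still running.

    Returns True if a running child was stopped, False if there was
    nothing to stop (never started, or already exited).
    """
    if proc is None or proc.poll() is not None:
        return False
    proc.send_signal(signal.SIGINT)
    try:
        proc.wait(timeout=2)
    except subprocess.TimeoutExpired:
        proc.kill()  # the child ignored SIGINT, so force it
        proc.wait()
    return True


def run_helper_buggy(interrupt_at=None, seconds=0):
    """Failing shape: 'proc' is bound only if the Popen() line was reached."""
    try:
        if interrupt_at == "before_spawn":
            raise KeyboardInterrupt  # simulated Ctrl+C before the child exists
        proc = subprocess.Popen(child_cmd(seconds), stderr=subprocess.DEVNULL)
        proc.wait()
        return "finished"
    except KeyboardInterrupt:
        stop_child(proc)  # UnboundLocalError when the interrupt came early
        return "interrupted"


def run_helper(interrupt_at=None, seconds=0):
    """Hardened shape: bind the name before the try, let cleanup accept None."""
    proc = None
    try:
        if interrupt_at == "before_spawn":
            raise KeyboardInterrupt
        proc = subprocess.Popen(child_cmd(seconds), stderr=subprocess.DEVNULL)
        if interrupt_at == "after_spawn":
            raise KeyboardInterrupt  # simulated Ctrl+C while the child runs
        proc.wait()
        return ("finished", False)
    except KeyboardInterrupt:
        return ("interrupted", stop_child(proc))
    finally:
        # Whatever path was taken, do not leave a child process behind.
        if proc is not None and proc.poll() is None:
            proc.kill()
            proc.wait()


if __name__ == "__main__":
    try:
        run_helper_buggy("before_spawn")
    except UnboundLocalError as exc:
        print("buggy version:", exc)
    print("early interrupt:", run_helper("before_spawn"))
    print("late interrupt: ", run_helper("after_spawn", seconds=30))
    print("no interrupt:   ", run_helper())
```
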
Count down ideal for time used in -pixiet
But if not just use the same time coding for wps pin attack, counting up till -pixiet
or
same coding the timer uses while searching for access points but set to -pixiet
-pow is a great filter.
But if -pow is used with any PixieWPS functions, it misses some targets.
When it starts initial scan for targets its only 13 to 20 secs, then wps compatibility scan. Doesn't give enough time to scan all potential targets.
needs prompt or just longer initial scan time
todo possible
auditing wireless routers. I'd like it if least signal strength added to cracked.txt
todo, wishlist ***
if wifite make ALSO a detailed .txt of each router cracked, separate file
-bssid
-essid
-channel
-clients seen
-highest signal strength
-model
-manufacturer
-pin
-passphrase
failed to crack.txt
-bssid
-essid
-channel
-clients seen
-model
-manufacturer
-Enrollee Nonce
-Registrar Nonce
-PKR Public Key
-PKE Public Key
Against 2 access points I've come across, the pixie attack succeeds, but reaver is able to get the pass phrase. I've waited 10 mins or more sometimes. end up ctrl C'ing
Script will keep trying pin for timeout 660 sec, But pin is not written to cracked file.
Could be router locks, unsure of the cause.
This is new. Before this version, the model and manufacturer were always correct. Should only be listed once during attack.
[0:00:00] initializing PixieWPS attack on HA0000000 (000000000:D0:30)
[+] E-Nonce found
[+] PKE hash found
[+] Manufacturer: Celeno Communication, Inc.
[+] Model: CL1800 .
[+] Serial: 12345678
[+] PKR hash found
[+] Authkey found
[+] Manufacturer: Celeno Communication, Inc.
[+] Model: CL1800 .
[+] Serial: 12345678
[+] Manufacturer: Celeno Communication, Inc.
[+] Model: CL1800 .
[+] Serial: 12345678
[+] Manufacturer: Celeno Communication, Inc.
[+] Model: CL1800 .
[+] Serial: 12345678
[+] Manufacturer: Celeno Communication, Inc.
[+] Model: CL1800 .
[+] Serial: 12345678
[+] Manufacturer: Celeno Communication, Inc.
[+] Model: CL1800 .
[+] Serial: 12345678
[+] Manufacturer: Celeno Communication, Inc.
[+] Model: CL1800 .
[+] Serial: 12345678
[+] Manufacturer: Celeno Communication, Inc.
[+] Model: CL1800 .
[+] Serial: 12345678
[0:02:21] Waiting...
[!] unable to complete in 140 seconds
[+] skipping pixiewps on HA0000000
./wifite -ponly -pto 75 -paddto 60
.;' ;, .;' ,;'
;, ;, WiFite v2 (r104) .;' ,;' ,;'
;, ;,
;,
:: :: : ( ) : :: :: automated wireless auditor
':. ':. ':. /\ ,:' ,:' ,:'
':. ':. /\ ,:' ,:' designed for Linux
':. /___\ ,:'
/ \
modified by aanarchyy([email protected])
Credits to wiire,DataHead,soxrok2212,nxxxu,nuroo
[+] Pixiewps attack only enabled
[+] pixie attack timeout set to 75 seconds
[+] Seconds to add on hash retrevial 60 seconds
............................................
[0:00:00] initializing PixieWPS attack on air0000 (0000000:24:65)
[+] E-Nonce found for hashes
[+] PKE hash foundfor hashes
[+] PKR hash foundfor hashes
[+] Authkey found for hashes
[0:01:16] Waiting for hashes
[!] unable to complete in 75 seconds
[+] skipping pixiewps on ai0000
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on Hi000000 (0000000:70:2E)
[+] E-Nonce found for hashes
[+] PKE hash foundfor hashes
[+] PKR hash foundfor hashes
[+] Authkey found for hashes
[0:01:16] Waiting for hashes
[!] unable to complete in 75 seconds
[+] skipping pixiewps on HiB000000
Script did wait for -pto, but didn't add extra time -paddto 60 secs.
I like the confirmations given that these options are given.
I've got an infinite waiting no matter the box I use. Why ?
Not sure if this is where this goes;
filter: -p<20 to exclude network with power below 20dB etc
List number of clients for each wireless AP, instead of just the word "CLIENT(S)"
Hope to see these features added in the future. :)
I have installed Kali Linux 2017.1 x86 light. I have run "apt-get update", "apt-get upgrade" and "apt-get install kali-linux-wireless". Wifite keeps saying the following. How can I fix it?
[+] scanning for wireless devices...
Traceback (most recent call last):
File "/usr/bin/wifite", line 3462, in <module>
engine.Start()
File "/usr/bin/wifite", line 1313, in Start
self.RUN_CONFIG.THIS_MAC = get_mac_address(iface) # Store current MAC address
File "/usr/bin/wifite", line 1864, in get_mac_address
proc = Popen(['ifconfig', iface], stdout=PIPE, stderr=DN)
File "/usr/lib/python2.7/subprocess.py", line 390, in __init__
errread, errwrite)
File "/usr/lib/python2.7/subprocess.py", line 1024, in _execute_child
raise child_exception
OSError: [Errno 2] No such file or directory
While script was running, in another terminal window I ran macchanger to check mon0.
macchanger mon0:
Permanent MAC: 00:00:00:00:11:5g (xxxx, Inc.)
Current MAC: 00:00:00:00:11:5g (xxxx, Inc.)
***** meaning true mac address is actually being used while attacking access point *****
As instructed by the script, mon0 was not already active before running the script.
This is the procedure I use to ensure mon0 is truly spoofed or random, ex wlan1
ifconfig wlan1 down
macchanger -r wlan1
Permanent MAC: 00:00:00:00:11:5g (xxxx, Inc.)
Current MAC: 00:11:00:11:00:11 ( example random)
ifconfig wlan1 up
airmon-ng start wlan1
ifconfig mon0 down
macchanger -m 00:11:00:11:00:11 mon0
Permanent MAC: 00:00:00:00:11:5g (xxxx, Inc.)
Current MAC: 00:11:00:11:00:11 (example random)
ifconfig mon0 up
Then still use --mac=00:11:00:11:00:11 in any reaver commands
Then still use -h 00:11:00:11:00:11 in any aireplay-ng commands
both programs will still use the real mac address of attacking wifi card if only macchanger -r on physical interface.
test for yourself or ask on forums.
First pass good. Attack all three. then stuck on first target next runs
./wifite -ponly -pto 60 -padto 20 -endless
[+] select target numbers (1-45) separated by commas, or 'all': 6,29,33
[+] 3 targets selected.
[+] Run 1
[0:00:00] initializing PixieWPS attack on HARBOR0000 (40:70:09:E1:D0:30)
[0:01:01] Waiting...
[!] unable to complete in 60 seconds
[+] skipping pixiewps on HARBOR0000
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on TP-L000000000 (00000000:A7:7C)
[+] E-Nonce found
[+] PKE hash found
[+] Manufacturer: TP-LINK
[+] Model: 1.0 g...
[+] PKR hash found
[+] Authkey found
[+] E-Hash1 found
[+] E-Hash2 found
[+] Cracking using pixiewps...
[+] Pixiewps attack failed!
[0:00:00] initializing PixieWPS attack on yetishouse (000000000:86:48)
[0:01:01] Waiting...
[!] unable to complete in 60 seconds
[+] skipping pixiewps on yetishouse
[+] Pixiewps attack failed!
[+] Run 2
[0:00:00] initializing PixieWPS attack on HARBOR0000 (0000000:D0:30)
[0:01:01] Waiting...
[!] unable to complete in 60 seconds
[+] skipping pixiewps on HARBOR0000
[+] Pixiewps attack failed!
[+] Run 3
[0:00:00] initializing PixieWPS attack on HARBOR0000 (0000000:D0:30)
[0:01:01] Waiting...
[!] unable to complete in 60 seconds
[+] skipping pixiewps on HARBOR0000
[+] Pixiewps attack failed!
[+] Run 4
[0:00:00] initializing PixieWPS attack on HARBOR0000 (0000000:D0:30)
[0:01:01] Waiting...
[!] unable to complete in 60 seconds
[+] skipping pixiewps on HARBOR0000
[+] Pixiewps attack failed!
[+] Run 5
[0:00:00] initializing PixieWPS attack on HARBOR0000 (0000000:D0:30)
[0:01:01] Waiting...
[!] unable to complete in 60 seconds
[+] skipping pixiewps on HARBOR0000
[+] Pixiewps attack failed!
[+] Run 6
[0:00:00] initializing PixieWPS attack on HARBOR0000 (00000000:D0:30)
^C0:00:04] Waiting...
(^C) Pixiewps attack interrupted
[+] previously cracked access points:
* (_:37:56) : "Key is '_***_' and PIN is '*******'"
DG0000000 (00000000000) : "Key is '8888888888' and PIN is '_****'"
[+] quitting
r108
./wifite -ponly -pto 45 -paddto 20 -wpsretry 10 -c1
NUM ESSID CH ENCR POWER WPS? CLIENT
1 TG1600000 1 WPA2 60db wps
2 10Cle00000 1 WPA2 50db wps
3 DG1000000 1 WPA2 49db wps
4 thec0000000 9 WPA2 49db wps
5 Cro000000 7 WPA2 49db wps
6 FAR00000 3 WPA2 49db wps
7 TG1600000 11 WPA2 48db wps
8 TC8717TF1 6 WPA2 47db wps
9 FiO0000000 1 WPA2 46db wps
10 R000000000 11 WPA2 46db wps
11 DG00000000 1 WPA2 45db wps
Guys, I'm having this issue.
Each time I press CTRL+C to stop scanning, wifite quits
[+] scanning (mon0), updates at 5 sec intervals, CTRL+C when ready.
NUM ESSID CH ENCR POWER WPS? CLIENT
--- -------------------- -- ---- ----- ---- ------
1 ARRIS****** 1 WPA2 16db no
2 DDia******** 1 WPA2 15db no
3 Fami******** 1 WPA2 12db wps client
4 famil******** 1 WPA2 12db no
^C0:00:08] scanning wireless networks. 4 targets and 1 client found
(^D) interrupted
[+] disabling monitor mode on mon0... done
[+] quitting
I'm using:
Tried from the same machine and via SSH from 2 different computers but still the same.
I would appreciate your help.
Thanks in advance!
Currently reaver-wps-fork-t6x supports two default WPS pin generator attacks (dlink and Belkin) so why not add to wifite the ability to try those attacks on a BSSID when wifite sees their OUI?